Small and Medium Organizations: Secure Mobility
Mobile devices (e.g. cellular phones and tablets) are essential tools in day-to-day business operations. While they are easy to use, familiar, and convenient for employees, mobile devices can also act as entry points for malware to infect your organization’s networks.
How can my mobile devices be secured?
Your organization should ensure that there is strong separation between work and personal data on mobile devices. Before allowing mobile devices in the workplace, you should consider the following questions:
- Who will own mobile devices that connect to the corporate network?
- How will devices connect back to the corporate network and to other devices?
- How will users separate work and personal data? This separation needs to balance business (e.g. ease-of-use) and security needs. Prioritizing one over the other does not lead to good security outcomes.
Mobile devices ownership models include: 1) Corporately-owned, personally enabled (COPE), where devices are owned by your organization and enable personal use; and 2) Corporate owned business only (COBO), where devices are owned by your organization and are solely meant for business use.
Mobile device applications (apps) can act as entry points for malware. Your organization can minimize this risk by requiring that users only download apps from trusted sources or vendors.
For organizations with more resources at their disposal and a mature IT infrastructure, we recommend using an enterprise mobility management (EMM) solution. EMM solutions enable enhanced business features and improve the management and audit of mobile devices in the workplace.
Recommendations for your organization:
- Adopt an ownership model for mobile devices
- Enforce separation between work and personal data on mobile devices
- Ensure that employees only download mobile apps from your organization’s list of trusted sources
- Ensure that mobile devices store sensitive information in a secure and encrypted state
- Consider implementing an EMM solution for all mobile devices
- Enforce and educate users on how to enable communications over the most secure connection available